English
  • English
  • Italian
  • Romanian
  • Hungarian
  • Croatian
  • Slovak
  • Czech Republic
  • Slovenia

TPP Introduction

Application programming interfaces

for access to the Account Information Services and Payment Initiation Services, compliant with the new Payment Services Directive (PSD2), the regulatory technical standard for strong customer authentication (SCA) and open programming interfaces and the local (Slovenian) legislation, transposing the PSD2 directive into local law.

Legal introduction 

Intesa Sanpaolo Slovenia enables access to accounts (XS2A) utilizing REST API services compliant with The Berlin Group NextGenPSD2 standard version 1.3.4 from July 17th 2019 that is further defined in implementation guidelines.

Access to the API can be requested by any natural or legal person that has the right to API access based on either the:

This means particularly:

Use cases

ID

Use Case

NGP1

Initiation of a single payment

NGP2

Initiation of a future dated single payment

NGP3

Initiation of a multiple/bulk payment

NGP4

Initiation of a recurring payment

NGP5

Cancellation of Payments

NGP6

Establish account information consent

NGP7

Get list of reachable accounts

NGP8

Get account details of a list of accessible accounts

NGP9

Get balances for a given account

NGP10

Get transaction information for a given account

NGP11[1]

Use cases related to card information access

NGP12[2]

Group signing baskets

NGP13

Get confirmation on the availability of funds

 

[1] This use case is currently not supported by the bank's PSD2 API.

[2] This use case is not supported by the bank's PSD2 API.

The listed use-cases are defined within the NextGenPSD2 standard; however, Intesa Sanpaolo Bank Slovenia only supports those combinations of calls and services (compatible with restrictions allowed by NextGenPSD2), which the PSU can execute directly via ISP Slovenia's web mobile bank. An example of an unsupported operation is initiation of a bulk payment by a natural person bank user.

In case of an unsupported operation, the bank will notify the TPP according to NextGenPSD2 specifications.

Recommended onboarding process

  1. TPP registers on https://isbd.openbanking.intesasanpaolo.com/en/sign_up. For a successful registration you should select either:

      1. I'm registered TPP: In this case you should upload public part of a production eIDAS certificate issued by a verified QTSP.

      2. I'm in registration process: In this case you should upload either:

        1. Documentation that proves your TPP registration with a relevant NCA.

        2. Documentation that proves you are in the process of obtaining a TPP registration with a relevant NCA and it is likely that you will obtain such registration.

  2. TPP receives email notification of successful registration.

  3. TPP receives email notification about successful validation of registration, with a password for ISBD Open Banking Group Application.

  4. TPP logs into ISBD Open Banking Group Application and retrieves certificate and password for Sandbox API.

  5. TPP tests Sandbox API using TPP Active Toolkit.

    1. The toolkit is currently provided as a collection of Postman test scenarios. You can find it in Postman collection section of API documentation for ISP Slovenia.

  6. TPP starts using Real API.

 

Technical

Overview

XS2A interface

Access points

Sandbox API base URL: https://gwt.intesasanpaolobank.si/

Real API base URL: https://gw.intesasanpaolobank.si/

Account Information Service (AIS)

Payment Initiation Service (PIS)

Confirmation of Funds Service (PIIS)

Definitions

Term

Meaning

AIS

Account Information Service

AISP

Account Information Service Provider

API

Application Programming Interface

ASPSP

Account Servicing Payment Service Provider

eIDAS

Electronic Identification, Authentication and Trust Services

JSON

JavaScript Object Notation

NCA

National Competent Authority

OpenAPI

Description format for REST APIs

PIIS

Payment Instrument Issuer Service

PIISP

Payment Instrument Issuer Service Provider

PIS

Payment Initiation Service

PISP

Payment Initiation Service Provider

PSU

Payment Service User

QTSP

Qualified Trust Service Provider

Real API

ISP Slovenia PSD2 Real API

REST

Representational State Transfer

Sandbox API

ISP Slovenia PSD2 Sandbox API

SCA

Strong Customer Authentication

TPP

Third Party Provider

URL

Uniform Resource Locator

XS2A

Access to Accounts

Links

Label

Author: Title, [Link]

ISBD Open Banking Group Portal

Intesa Sanpaolo: ISBD Open Banking Group Portal

[https://isbd.openbanking.intesasanpaolo.com/sl/home]

ISBD Open Banking Group Application

Intesa Sanpaolo: ISBD Open Banking Group Application

[https://isbd.openbanking.intesasanpaolo.com/app?module=com.evolutionframework.flatdesign.Login]

NextGenPSD2

The Berlin Group: NextGenPSD2

[https://www.berlin-group.org/nextgenpsd2-downloads]

NextGenPSD2 OR

The Berlin Group: Joint Initiative on a PSD2 Complaint XS2A Interface Operational Rules

[https://77cb457b-3353-4bdc-8ab6-ff6bb2ccdc98.filesusr.com/ugd/c2914b_e0cf45673f124c959d384720b4fb45b9.pdf]

NextGenPSD2 IG

The Berlin Group: Joint Initiative on a PSD2 Complaint XS2A Interface Implementation Guidelines

[https://77cb457b-3353-4bdc-8ab6-ff6bb2ccdc98.filesusr.com/ugd/c2914b_4e199ee414694593858905ff3ef412f6.pdf]

OpenAPI

OpenAPI Specification

[https://swagger.io/specification/]

OP EBA

EBA: Opinion of the European Banking Authority on the implementation of the RTS on SCA and CSC from June 13th 2018

PSD2 2015/2366/EU

Directive (EU) 2015/2366 of the European Parliament and of the Council of November 25th 2015 on payment services in the internal market, amending Directives 2002/65/EC, 2009/110/EC and 2013/36/EU and Regulation (EU) No 1093/2010, and repealing Directive 2007/64/EC (PSD2)

[https://eur-lex.europa.eu/legal-content/SL/TXT/?uri=CELEX:32015L2366]

RTS SCA

Commission Delegated Regulation (EU) 2018/389 of November 27th 2017 supplementing Directive (EU) 2015/2366 of the European Parliament and of the Council with regard to regulatory technical standards for strong customer authentication (RTS SCA) and common and secure open standards of communication (RTS SCS)

[https://eur-lex.europa.eu/legal-content/SL/TXT/HTML/?uri=CELEX:32018R0389]

ZPlaSSEID

Zakon o plačilnih storitvah, storitvah izdajanja elektronskega denarja in plačilnih sistemih (UL 7/18 in 9/18)

[http://www.pisrs.si/Pis.web/pregledPredpisa?id=ZAKO7574]

Copyrights

Author

Copyright

Icons8

Icons in Onboarding chart are used in the context of the free licence of the Icons8 portal

PBZ

Overview chart is used with the permission of PBZ

The Berlin Group

XS2A interface chart is used with the permission of The Berlin Group

Support

If you require further information or to report an issue, you can either:

Updated

January 2022